Safe Haskell | None |
---|---|
Language | Haskell2010 |
Synopsis
- data Metadata = Metadata {}
- data RuleCheck = RuleCheck {
- metadata :: Metadata
- filename :: Filename
- linenumber :: Linenumber
- success :: Bool
- newtype RulesConfig = RulesConfig {}
- type IgnoreRuleParser = Parsec Void Text
- type ParsedFile = [InstructionPos ParsedShell]
- type SimpleCheckerWithState state = state -> Linenumber -> Instruction ParsedShell -> (state, Bool)
- type SimpleCheckerWithLine = Linenumber -> Instruction ParsedShell -> Bool
- type CheckerWithState state = state -> Linenumber -> Instruction ParsedShell -> (state, [Metadata])
- link :: Metadata -> Text
- type Rule = ParsedFile -> [RuleCheck]
- mapInstructions :: CheckerWithState state -> state -> Rule
- instructionRule :: Text -> Severity -> Text -> (Instruction ParsedShell -> Bool) -> Rule
- instructionRuleLine :: Text -> Severity -> Text -> SimpleCheckerWithLine -> Rule
- instructionRuleState :: Text -> Severity -> Text -> SimpleCheckerWithState state -> state -> Rule
- withState :: a -> b -> (a, b)
- argumentsRule :: (ParsedShell -> a) -> Arguments ParsedShell -> a
- analyze :: [Rule] -> Dockerfile -> [RuleCheck]
- ignored :: Dockerfile -> [(Linenumber, [Text])]
- rules :: [Rule]
- optionalRules :: RulesConfig -> [Rule]
- allFromImages :: ParsedFile -> [(Linenumber, BaseImage)]
- allAliasedImages :: ParsedFile -> [(Linenumber, ImageAlias)]
- allImageNames :: ParsedFile -> [(Linenumber, Text)]
- previouslyDefinedAliases :: Linenumber -> ParsedFile -> [Text]
- aliasMustBe :: (Text -> Bool) -> Instruction a -> Bool
- fromName :: BaseImage -> Text
- fromAlias :: BaseImage -> Maybe ImageAlias
- shellcheck :: Rule
- absoluteWorkdir :: Rule
- hasNoMaintainer :: Rule
- usingProgram :: String -> ParsedShell -> Bool
- multipleCmds :: Rule
- multipleEntrypoints :: Rule
- wgetOrCurl :: Rule
- invalidCmd :: Rule
- noRootUser :: Rule
- noCd :: Rule
- noSudo :: Rule
- noAptGetUpgrade :: Rule
- noUntagged :: Rule
- noLatestTag :: Rule
- aptGetVersionPinned :: Rule
- aptGetPackages :: ParsedShell -> [String]
- aptGetCleanup :: Rule
- noApkUpgrade :: Rule
- apkAddVersionPinned :: Rule
- apkAddPackages :: ParsedShell -> [String]
- apkAddNoCache :: Rule
- useAdd :: Rule
- invalidPort :: Rule
- pipVersionPinned :: Rule
- stripInstallPrefix :: [String] -> [String]
- npmVersionPinned :: Rule
- aptGetYes :: Rule
- aptGetNoRecommends :: Rule
- isArchive :: Text -> Bool
- isUrl :: Text -> Bool
- copyInsteadAdd :: Rule
- copyEndingSlash :: Rule
- copyFromExists :: Rule
- copyFromAnother :: Rule
- fromAliasUnique :: Rule
- useShell :: Rule
- useJsonArgs :: Rule
- usePipefail :: Rule
- registryIsAllowed :: Set Registry -> Rule
Documentation
RuleCheck | |
|
newtype RulesConfig Source #
Contains the required parameters for optional rules
RulesConfig | |
|
Instances
Eq RulesConfig Source # | |
Defined in Hadolint.Rules (==) :: RulesConfig -> RulesConfig -> Bool # (/=) :: RulesConfig -> RulesConfig -> Bool # | |
Show RulesConfig Source # | |
Defined in Hadolint.Rules showsPrec :: Int -> RulesConfig -> ShowS # show :: RulesConfig -> String # showList :: [RulesConfig] -> ShowS # | |
Semigroup RulesConfig Source # | |
Defined in Hadolint.Rules (<>) :: RulesConfig -> RulesConfig -> RulesConfig # sconcat :: NonEmpty RulesConfig -> RulesConfig # stimes :: Integral b => b -> RulesConfig -> RulesConfig # | |
Monoid RulesConfig Source # | |
Defined in Hadolint.Rules mempty :: RulesConfig # mappend :: RulesConfig -> RulesConfig -> RulesConfig # mconcat :: [RulesConfig] -> RulesConfig # |
type ParsedFile = [InstructionPos ParsedShell] Source #
type SimpleCheckerWithState state = state -> Linenumber -> Instruction ParsedShell -> (state, Bool) Source #
A function to check individual dockerfile instructions. It gets the current state and a line number. It should return the new state and whether or not the check passes for the given instruction.
type SimpleCheckerWithLine = Linenumber -> Instruction ParsedShell -> Bool Source #
A function to check individual dockerfile instructions. It gets the current line number. It should return True if the check passes for the given instruction.
type CheckerWithState state = state -> Linenumber -> Instruction ParsedShell -> (state, [Metadata]) Source #
A function to check individual dockerfile instructions. It should return the new state and a list of Metadata records. Each Metadata record signifies a failing check for the given instruction.
type Rule = ParsedFile -> [RuleCheck] Source #
mapInstructions :: CheckerWithState state -> state -> Rule Source #
instructionRule :: Text -> Severity -> Text -> (Instruction ParsedShell -> Bool) -> Rule Source #
instructionRuleLine :: Text -> Severity -> Text -> SimpleCheckerWithLine -> Rule Source #
instructionRuleState :: Text -> Severity -> Text -> SimpleCheckerWithState state -> state -> Rule Source #
argumentsRule :: (ParsedShell -> a) -> Arguments ParsedShell -> a Source #
ignored :: Dockerfile -> [(Linenumber, [Text])] Source #
optionalRules :: RulesConfig -> [Rule] Source #
allFromImages :: ParsedFile -> [(Linenumber, BaseImage)] Source #
allAliasedImages :: ParsedFile -> [(Linenumber, ImageAlias)] Source #
allImageNames :: ParsedFile -> [(Linenumber, Text)] Source #
previouslyDefinedAliases :: Linenumber -> ParsedFile -> [Text] Source #
Returns a list of all image aliases in FROM instructions that are defined before the given line number.
aliasMustBe :: (Text -> Bool) -> Instruction a -> Bool Source #
Returns the result of running the check function on the image alias name, if the passed instruction is a FROM instruction with a stage alias. Otherwise, returns True.
shellcheck :: Rule Source #
usingProgram :: String -> ParsedShell -> Bool Source #
multipleCmds :: Rule Source #
wgetOrCurl :: Rule Source #
invalidCmd :: Rule Source #
noRootUser :: Rule Source #
noUntagged :: Rule Source #
noLatestTag :: Rule Source #
aptGetPackages :: ParsedShell -> [String] Source #
aptGetCleanup :: Rule Source #
noApkUpgrade :: Rule Source #
apkAddPackages :: ParsedShell -> [String] Source #
apkAddNoCache :: Rule Source #
invalidPort :: Rule Source #
stripInstallPrefix :: [String] -> [String] Source #
npmVersionPinned :: Rule Source #
Rule for pinning NPM packages to version, tag, or commit
supported formats by Hadolint
npm install (with no args, in package dir)
npm install [@scope/]name
npm install [@scope/]nametag
npm install [<
scope>/]name@version
npm install git[+http|+https]:/git-hostgit-user/repo-name[semver:semver]
npm install git+ssh:/git-host:git-userrepo-name[semver:semver]
useJsonArgs :: Rule Source #
usePipefail :: Rule Source #